Loading market data...

CVE Feed

Latest vulnerabilities from the National Vulnerability Database.

21951
Total
1564
Critical
6675
High
7022
Medium
CVE ID Severity Score Description Published
CVE-2026-46716 CRITICAL 9.9 Nezha Monitoring is a self-hostable, lightweight, servers and websites monitoring and O&M tool. From version 1.4.0 to before version 2.0.8, a RoleMember user can create … Jun 12, 2026
CVE-2026-41158 UNKNOWN Software installed and run as a non-privileged user may conduct GPU system calls to write to arbitrary freed physical pages. Physical memory allocated and freed, … Jun 12, 2026
CVE-2026-41157 UNKNOWN A web page that contains unusual WebGPU content loaded into the GPU GLES render process and can trigger an out-of-bound write in the GPU user-space … Jun 12, 2026
CVE-2026-41155 UNKNOWN An attacker could cooperatively pass data from one secure GPU process to another secure GPU process through shared secure memory allocations in the kernel module. … Jun 12, 2026
CVE-2026-34195 UNKNOWN Software installed and run as a non-privileged user may conduct intentional GPU sparse memory API calls to cause out of bounds write in the kernel. … Jun 12, 2026
CVE-2026-12131 MEDIUM 6.3 A weakness has been identified in CodeAstro Human Resource Management System 1.0. This vulnerability affects the function Invoice of the file \application\controllers\Payroll.php of the component … Jun 12, 2026
CVE-2025-7019 MEDIUM 5.5 Stack overflow vulnerability in Avast Antivirus when scanning a malformed Office Open XML file may allow Denial-of-Service of the antivirus process. This issue affects Avast … Jun 12, 2026
CVE-2025-7018 MEDIUM 5.5 Null pointer dereference vulnerability in Avira Antivirus engine when scanning a malformed Windows PE file may allow Denial-of-Service of the antivirus engine process. This issue … Jun 12, 2026
CVE-2025-7017 HIGH 7.8 Heap buffer out-of-bounds read vulnerability in Avira Antivirus engine when scanning a malformed Windows MSI file may allow Local Execution of Code or Denial-of-Service of … Jun 12, 2026
CVE-2025-7011 HIGH 7.8 Heap out-of-bounds read vulnerability in Avast Antivirus when scanning a malformed zip file containing XML may allow Local Execution of Code or Denial-of-Service of the … Jun 12, 2026
CVE-2025-7010 MEDIUM 5.5 Stack overflow vulnerability due to uncontrolled recursion in Avast Antivirus when scanning a malformed PDF file may allow Denial-of-Service of the antivirus process. This issue … Jun 12, 2026
CVE-2025-7009 HIGH 7.8 Heap buffer out-of-bounds read vulnerability in Avast Antivirus when scanning a malformed Windows PE file may allow Local Execution of Code or Denial-of-Service of the … Jun 12, 2026
CVE-2025-7008 HIGH 7.8 Heap buffer out-of-bounds read vulnerability in Avast Antivirus when scanning a malformed Windows PE file with .NET metadata may allow Local Execution of Code or … Jun 12, 2026
CVE-2025-7006 MEDIUM 5.5 Use of stack memory after free vulnerability in Avast Antivirus when scanning a malformed Windows PE file may allow Denial-of-Service of the antivirus process. This … Jun 12, 2026
CVE-2025-7005 MEDIUM 5.5 Uncontrolled recursion vulnerability in Avast Antivirus when scanning a malformed Windows PE file may allow Denial-of-Service of the antivirus process. This issue affects Avast Antivirus, … Jun 12, 2026
CVE-2025-7004 HIGH 7.8 Heap buffer out-of-bounds write vulnerability in Avast Antivirus when scanning a malformed Windows PE file may allow Local Execution of Code or Denial-of-Service of the … Jun 12, 2026
CVE-2025-7003 HIGH 7.8 Heap buffer out-of-bounds read vulnerability in Avira Antivirus engine when scanning a malformed PDF file may allow Local Execution of Code or Denial-of-Service of the … Jun 12, 2026
CVE-2025-7002 HIGH 7.8 Heap buffer out-of-bounds read vulnerability in Avira Antivirus engine when scanning a malformed PDF file may allow Local Execution of Code or Denial-of-Service of the … Jun 12, 2026
CVE-2020-2521 UNKNOWN Rejected reason: This candidate was issued in error. Jun 12, 2026
CVE-2026-54397 UNKNOWN A vulnerability in MISP’s non-REST event editing path allowed an authenticated user with event edit permissions to manipulate the submitted form data and set an … Jun 12, 2026
CVE-2026-54396 UNKNOWN An information disclosure vulnerability exists in the MISP AuthKey edit functionality. When a validation error occurs during an AuthKey edit request, the user dropdown was … Jun 12, 2026
CVE-2026-54395 UNKNOWN MISP contains a reflected cross-site scripting vulnerability in the UiBeta event index view. The urlparams value is inserted into an inline JavaScript handler using HTML … Jun 12, 2026
CVE-2026-54394 UNKNOWN MISP contains a path traversal vulnerability in OrganisationsController::getOrgLogo. The vulnerable code builds organisation logo file paths using organisation-controlled fields such as id, name, and uuid … Jun 12, 2026
CVE-2026-54393 UNKNOWN A stored cross-site scripting vulnerability exists in MISP when the Overmind theme is used. The setHomePage endpoint previously saved the user-controlled path value through setSettingInternal(), … Jun 12, 2026
CVE-2026-54362 UNKNOWN An incorrect visibility condition in the MISP event template builder allowed authenticated non-site-admin users to view galaxies that should not have been visible to their … Jun 12, 2026